IT services giant HCL left employee passwords exposed online, as well as customer project details, and other sensitive information, all without any form of authentication, research by security consultancy UpGuard reveals.

An HCL human resources portal published new employee names, usernames and clear text passwords. “The most sensitive stuff was on an HR portal and had a report for new hires, and it was very clearly being actively used,” Greg Pollock, vice-president of product at UpGuard, tells CSO. “Fifty-four people had been onboarded during the time period when I had found this.”

About site

This is experimental project, which search automatically antivirus, security, malware, etc. news and alerts. If you want add/delete source or post, let us know. We will add/delete it. We'd like make place, where you can find security information from various sources with correct backlink back to source.